AM335x SDK crypto example issue

Alyautdin Roman

Intellectual 345 points

TI SDK version

AM335xSDK 08_00_00_00

Build date: 02112015

http://software-dl.ti.com/sitara_linux/esd/AM335xSDK/latest/index_FDS.html

Hardware

BeagleBone Black (PCB revB3)

Summary

Using default prebuilt binaries from TI SDK package with supported hardware It was shown that hardware acceleration of cryptography leads to “bad decrypt” openssl issue

Examples from http://processors.wiki.ti.com/index.php/Sitara_Linux_Training:_Cryptography#Description_3

do not work.

In case of unloading cryptodev module the examples are ok.

Details

booting image preparation
issue reproduction sequence

Booting image preparation

The steps are taken from

http://processors.wiki.ti.com/index.php/Sitara_Linux_SDK_create_SD_card_script

+
cp ../../ti-sdk-am335x-evm-08.00.00.00/board-support/prebuilt-images/am335x-boneblack.dtb /media/boot/

Issue reproduction sequence

example 1

root@am335x-evm:~# openssl enc -p -aes-256-cbc -salt -in /usr/share/matrix-gui2.0/index.php -out index_php.enc -pass pass:123

salt=64F8B620E5292C3F

key=74DA4121DC1C0ED2A8E5B0741F824034B7D52B97B5B384EB5E14662106C74427

iv =B7D52B97B5B384EB5E14662106C74427

root@am335x-evm:~# ls -al

drwxr-sr-x 2 root root 4096 Feb 11 15:14 .

drwxr-sr-x 3 root root 4096 Feb 11 15:06 ..

-rw-r--r-- 1 root root 6000 Feb 11 15:14 index_php.enc

root@am335x-evm:~# openssl enc -d -p -aes-256-cbc -in index_php.enc -out index_hp.dec -pass pass:123

salt=64F8B620E5292C3F

key=74DA4121DC1C0ED2A8E5B0741F824034D013FFD466EE5FCC72E82895DCFD72A9

iv =D013FFD466EE5FCC72E82895DCFD72A9

bad decrypt

root@am335x-evm:~# diff /usr/share/matrix-gui-2.0/index.php index_php.dec

Files /usr/share/matrix-gui-2.0/index.php and index_php.dec differ

root@am335x-evm:~#

root@am335x-evm:~# openssl engine

(cryptodev) cryptodev engine

(dynamic) Dynamic engine loading support

But if we unload cryptodev (ie use software mode of openssl) the same example from ti site is ok

example 2

root@am335x-evm:~# rmmod -f cryptodev

[ 860.664804] Disabling lock debugging due to kernel taint

[ 860.675080] cryptodev: driver unloaded.

root@am335x-evm:~#

root@am335x-evm:~# openssl engine

(dynamic) Dynamic engine loading support

root@am335x-evm:~# rm -rf *

root@am335x-evm:~# openssl enc -p -aes-256-cbc -salt -in /usr/share/matrix-gui-.0/index.php -out index_php.enc -pass pass:123

salt=4D09CCC7DB1E5FB6

key=0EE87E934116500C077F4B6CD7639DBD0BA8DF634C05970685BB258592BDF9B3

iv =445ACAE3ECA1F3929326486954D81CFA

root@am335x-evm:~# openssl enc -d -p -aes-256-cbc -in index_php.enc -out index_p.dec -pass pass:123

salt=4D09CCC7DB1E5FB6

key=0EE87E934116500C077F4B6CD7639DBD0BA8DF634C05970685BB258592BDF9B3

iv =445ACAE3ECA1F3929326486954D81CFA

root@am335x-evm:~#

root@am335x-evm:~# diff /usr/share/matrix-gui-2.0/index.php ./index_hp.dec

root@am335x-evm:~#

Same results were received with aes128-cbc with preconfigured ivs (as ivs unexpectedly differ in example 1 ).

Has anybody faced the issue?

over 9 years ago

0 Biser Gatchev-XID over 9 years ago

TI__Guru**** 393215 points

Hi Alyautdin,

I will forward this to the SW team.

0 Alyautdin Roman over 9 years ago in reply to Biser Gatchev-XID

Intellectual 345 points

Hi Biser,
Has the SW team confirmed the issue? Do you need any additional details?

Regards,
Roman

0 Biser Gatchev-XID over 9 years ago in reply to Alyautdin Roman

TI__Guru**** 393215 points

No feedback so far. Reply will be posted here when available.

0 Matthijs van Duin over 9 years ago

Mastermind 8020 points

Alyautdin Roman said:
root@am335x-evm:~# openssl enc -p -aes-256-cbc -salt -in /usr/share/matrix-gui2.0/index.php -out index_php.enc -pass pass:123 salt=64F8B620E5292C3F key=74DA4121DC1C0ED2A8E5B0741F824034B7D52B97B5B384EB5E14662106C74427 iv =B7D52B97B5B384EB5E14662106C74427 root@am335x-evm:~# openssl enc -d -p -aes-256-cbc -in index_php.enc -out index_hp.dec -pass pass:123 salt=64F8B620E5292C3F key=74DA4121DC1C0ED2A8E5B0741F824034D013FFD466EE5FCC72E82895DCFD72A9 iv =D013FFD466EE5FCC72E82895DCFD72A9 bad decrypt

There's clearly something going horribly wrong there in key derivation already: both the key and the iv are wrong for the given password + salt, and moreover the derived keys disagree for encrypt and decrypt.

Can you try bypassing key derivation altogether as a simple test, e.g.:

head -c 32 /dev/zero | openssl enc -aes-128-cbc -nosalt -nopad -K 00000000000000000000000000000000 -iv 00000000000000000000000000000000 | hexdump -C

expected output:

00000000 66 e9 4b d4 ef 8a 2c 3b 88 4c fa 59 ca 34 2b 2e |f.K...,;.L.Y.4+.| 00000010 f7 95 bd 4a 52 e2 9e d7 13 d3 13 fa 20 e9 8d bc |...JR....... ...|

If this works correctly, then since key derivation uses MD5, the issue probably lies with the omap-sham driver. I've seen quite a few people having problems with it.

0 Alyautdin Roman over 9 years ago in reply to Matthijs van Duin

Intellectual 345 points

Thanks Matthijs!

Looks like you are right regarding sham driver issue. The provided test has shown the expected result.

I decided t inbind the driver and this influenced the behaviuor.

I hope TI would reproduce the issue:

root@am335x-evm:~# openssl enc -p -aes-256-cbc -salt -in /usr/share/matrix-gui-2.0/index.php -out index_php.enc -pass pass:123

salt=EE204A81E67F8061

key=74DA4121DC1C0ED2A8E5B0741F824034BFCC0784C542DF1E92AAF5C3F0018930

iv =BFCC0784C542DF1E92AAF5C3F0018930

root@am335x-evm:~# ls -al

drwxr-sr-x 2 root root 4096 Feb 11 15:33 .

drwxr-sr-x 3 root root 4096 Feb 11 15:06 ..

-rw-r--r-- 1 root root 6000 Feb 11 15:33 index_php.enc

root@am335x-evm:~# openssl enc -d -p -aes-256-cbc -in index_php.enc -out index_hp.dec -pass pass:123

salt=EE204A81E67F8061

key=74DA4121DC1C0ED2A8E5B0741F824034251DD8FA4929AA02C4F5220005A49D10

iv =251DD8FA4929AA02C4F5220005A49D10

bad decrypt

root@am335x-evm:~# dmesg | grep sham

[ 1.335302] omap-sham 53100000.sham: hw accel on OMAP rev 4.3

root@am335x-evm:~# echo 53100000.sham > /sys/bus/platform/devices/53100000.sham/driver/unbind

root@am335x-evm:~# rm -rf *

root@am335x-evm:~# openssl enc -p -aes-256-cbc -salt -in /usr/share/matrix-gui-2.0/index.php -out index_php.enc -pass pass:123

salt=5DCD6A81A297B312

key=789627A3F042D1AA46129151564890CA9EF190B67B838EAC4ADDB15B0DA8F303

iv =7D3B1A7C50559698651D2C6C3C2E9733

root@am335x-evm:~# openssl enc -d -p -aes-256-cbc -in index_php.enc -out index_hp.dec -pass pass:123

salt=5DCD6A81A297B312

key=789627A3F042D1AA46129151564890CA9EF190B67B838EAC4ADDB15B0DA8F303

iv =7D3B1A7C50559698651D2C6C3C2E9733

root@am335x-evm:~# diff ./index_hp.dec /usr/share/matrix-gui-2.0/index.php

0 Rahul Prabhu over 9 years ago in reply to Alyautdin Roman

TI__Guru** 114410 points

Hi Roman,

We have reproduced the issue that you are reporting and we are currently looking at the omap-sham driver. We will post a patch after we root cause the issue and get back to you.

Regards,
Rahul

0 Rahul Prabhu over 9 years ago in reply to Rahul Prabhu

TI__Guru** 114410 points

Hi Roman,

We found an issue with the omap-sham driver file in the function omap_sham_append_sg function that was causing this issue. The kmap_atomic() function appears to give only the page address of the input page. The driver needs to add the offset of the scatterlist within the page to the returned page address. omap-sham driver in AMSDK 8.0 is not adding the offset to page and directly operates on the return vale of kmap_atomic(), because of which we are seeing the error that comes while running crypto tests using OpenSSL.

I have created a patch with the fix and tested it with the instructions that you have been using. I now see the decrypted file matches the original file. Can you please try this patch andlet us know if your issue is resolved. In order to apply the fix , you will need to rebuild your kernel and cryptodev and install kernel, modules and cryptodev to the target filesystem.Let us know if you still see the issue.

0001-crypto-omap-sham-Add-the-offset-of-sg-page-to-vaddr_amsdk8.patch

Regards,

Rahul

0 Alyautdin Roman over 9 years ago in reply to Rahul Prabhu

Intellectual 345 points

Thanks Rahul,

I have applied the patch. It resolves the sham driver issue at least aes-256-cbc is ok now. But other types of encryption are not. I suspect another issue may take place please look at the log provided, with patch the cbc is ok unless first ctr is used. After it the openssl gives bas decrypt, Please check and if you confirm we may open another thread or carry on here:

root@am335x-evm:~# uname -a
Linux am335x-evm 3.14.26-g29d70f7 #2 Thu Apr 9 20:05:05 MSK 2015 armv7l GNU/Linux
root@am335x-evm:~# rm -rf *
root@am335x-evm:~# openssl enc -p -aes-256-cbc -salt -in /usr/share/matrix-gui-2.0/index.php -out index_php.enc -pass pass:123
salt=5A30C3152421FC0F
key=E505C92FA85986F053F8922440D192686549F10F021EC4B662D6975442C7BDDA
iv =5C1CAB3B856E653450C56694B2D9FEBC
root@am335x-evm:~# openssl enc -d -p -aes-256-cbc -in index_php.enc -out index_hp.dec -pass pass:123
salt=5A30C3152421FC0F
key=E505C92FA85986F053F8922440D192686549F10F021EC4B662D6975442C7BDDA
iv =5C1CAB3B856E653450C56694B2D9FEBC
root@am335x-evm:~# openssl enc -p -aes-256-cbc -salt -in /usr/share/matrix-gui-2.0/index.php -out index_php.enc -pass pass:123
salt=F80505F1DC5CBAFC
key=D7A0570C2F4ACC2AFA068F084FE79B5E6589B7748DD5A77F612B3B42E3035278
iv =0106E2881DFD40723AD495234A50A326
root@am335x-evm:~# openssl enc -d -p -aes-256-cbc -in index_php.enc -out index_hp.dec -pass pass:123
salt=F80505F1DC5CBAFC
key=D7A0570C2F4ACC2AFA068F084FE79B5E6589B7748DD5A77F612B3B42E3035278
iv =0106E2881DFD40723AD495234A50A326
root@am335x-evm:~# openssl enc -p -aes-256-ctr -salt -in /usr/share/matrix-gui-2.0/index.php -out index_php.enc -pass pass:123
salt=6F08C125E25753EA
key=FD72748D07BED4D8904091EDD4AFCFB44291C5D476D05495814A19E169925944
iv =5B2B4D83310E53B2C6572C9F47BFAC36
root@am335x-evm:~# openssl enc -d -p -aes-256-ctr -in index_php.enc -out index_hp.dec -pass pass:123
salt=6F08C125E25753EA
key=FD72748D07BED4D8904091EDD4AFCFB44291C5D476D05495814A19E169925944
iv =5B2B4D83310E53B2C6572C9F47BFAC36
bad decrypt

0 Rahul Prabhu over 9 years ago in reply to Alyautdin Roman

TI__Guru** 114410 points

Hi Roman,

This may be a tricky one. After I read your post, I suspected the AES driver so I tried to unbind it and try the experiment but I still got the bad decrypt message. Then I unbind the sham driver and still got the bad decrypt message. It was only after I removed cryptodev that the decryption completes without any issues. Here is the log from my experiments.

root@am335x-evm:/opt# openssl enc -p -aes-256-ctr -salt -in /usr/share/matrix-gui-2.0/index.php -out index_php.enc -pass pass:123
salt=EBE1D21565B43413
key=9068E22873FDC2CDB3F42D9EF461032737ED7898D50260EE254FE39D2BB8F1C8
iv =EC2FFCF5269F6BF16BFF6D48D233B7CE
root@am335x-evm:/opt# openssl enc -d -p -aes-256-ctr -in index_php.enc -out index_php.dec -pass pass:123
salt=EBE1D21565B43413
key=9068E22873FDC2CDB3F42D9EF461032737ED7898D50260EE254FE39D2BB8F1C8
iv =EC2FFCF5269F6BF16BFF6D48D233B7CE
bad decrypt
root@am335x-evm:/opt# dmesg | grep aes
[ 1.322864] omap-aes 53500000.aes: OMAP AES hw accel rev: 3.2
root@am335x-evm:/opt# echo 53500000.aes > /sys/bus/platform/devices/53500000.aes/driver/unbind
root@am335x-evm:/opt# rm -rf *
root@am335x-evm:/opt# openssl enc -p -aes-256-ctr -salt -in /usr/share/matrix-gui-2.0/index.php -out index_php.enc -pass pass:123
salt=EE7817C13D91ED9C
key=0B9E80E5F7F448583FE8C58E326C6F3EEFB1A2C6F2D77D2F0F59EA8215C8F94B
iv =422D33471BB4B99BC98D05F937214145
root@am335x-evm:/opt# openssl enc -d -p -aes-256-ctr -in index_php.enc -out index_php.dec -pass pass:123
salt=EE7817C13D91ED9C
key=0B9E80E5F7F448583FE8C58E326C6F3EEFB1A2C6F2D77D2F0F59EA8215C8F94B
iv =422D33471BB4B99BC98D05F937214145
bad decrypt
root@am335x-evm:/opt# dmesg | grep sham
[ 1.335585] omap-sham 53100000.sham: hw accel on OMAP rev 4.3
root@am335x-evm:/opt# echo 53100000.sham > /sys/bus/platform/devices/53100000.sham/driver/unbind
root@am335x-evm:/opt# rm -rf *
root@am335x-evm:/opt# openssl enc -p -aes-256-ctr -salt -in /usr/share/matrix-gui-2.0/index.php -out index_php.enc -pass pass:123
salt=71810A4769F041BA
key=8D3DECD90B8406EB2C74BC45E3F96D1B0AEA68F4F9E99261A8B4F595E64EAC26
iv =575B508B313CA5CB490F848971FC2EFF
root@am335x-evm:/opt# openssl enc -d -p -aes-256-ctr -in index_php.enc -out index_php.dec -pass pass:123
salt=71810A4769F041BA
key=8D3DECD90B8406EB2C74BC45E3F96D1B0AEA68F4F9E99261A8B4F595E64EAC26
iv =575B508B313CA5CB490F848971FC2EFF
bad decrypt
root@am335x-evm:/opt# rmmod -f cryptodev
[ 514.144640] Disabling lock debugging due to kernel taint
[ 514.154812] cryptodev: driver unloaded.
root@am335x-evm:/opt# rm -rf *
root@am335x-evm:/opt# openssl enc -p -aes-256-ctr -salt -in /usr/share/matrix-gui-2.0/index.php -out index_php.enc -pass pass:123
salt=41ACDF49F40B6761
key=E6FB71EC236C68A52912C7994805FFCA711469E4C5036C0E728FB00EDF842944
iv =B30DC1D3282F378CE746D01D54639CF1
root@am335x-evm:/opt# openssl enc -d -p -aes-256-ctr -in index_php.enc -out index_php.dec -pass pass:123
salt=41ACDF49F40B6761
key=E6FB71EC236C68A52912C7994805FFCA711469E4C5036C0E728FB00EDF842944
iv =B30DC1D3282F378CE746D01D54639CF1

I also built the kernel with the crypto hardware AES and SHA drivers disabled, just to verify and still saw the bad decrypt issue until I remove the cryptodev module.At the moment, I believe the issue doesn`t lie with the drivers but with the cryptodev engine. If it is an issue with the cryptodev engine, you may need to report this on the cryptodev-linux mailing list.

Regards,

Rahul

0 Rahul Prabhu over 9 years ago in reply to Rahul Prabhu

TI__Guru** 114410 points

deleted duplicate post

0 Henry Luis over 9 years ago in reply to Rahul Prabhu

Prodigy 100 points

Hi, if the problem is suspected to be with cryptodev and not the crypto hardware or the sham driver, then it is still a problem with the TI SDK. It would be more efficient for TI to troubleshoot it since it might still require further isolation between these three components. Could TI continue troubleshoot it? Thanks.

0 Alyautdin Roman over 9 years ago in reply to Rahul Prabhu

Intellectual 345 points

    Sorry for a long reply. I have been experimenting with Freescale Imx6 platform. And currently I don't see the same "bad decrypt" issue. So in other words TI SDK for now is the only platform I have managed to reproduce the issue. I see the point of your engineers that with the omap-* crypto drivers disabled cryptodev still has ctr problems. But if it was only cryptodev issue we would be easily able reproduce it with other arm platform or x86.
     In fact for now I can't even call cryptodev community for help as the first their question will be if I can reproduce the issue anywhere else. If the issue touches only TI bsp this could mean that this is either problem somewhere in the kernel or with the toolchain.

    My freescale experiments were performed with 3.14.28 kernel and cryptodev 1.6 sources taken from TI SDK. On request I am able to provide full log. Keypoints are below:

Linux imx6i 3.14.28-42652-g158eff6-dirty #13 SMP PREEMPT Tue Apr 14 17:52:32 MSK 2015 armv7l GNU/Linux

processor    : 0
model name    : ARMv7 Processor rev 10 (v7l)
Features    : swp half thumb fastmult vfp edsp neon vfpv3 tls vfpd32
CPU implementer    : 0x41
CPU architecture: 7
CPU variant    : 0x2
CPU part    : 0xc09
CPU revision    : 10

Hardware    : Freescale i.MX6 Quad/DualLite (Device Tree)
Revision    : 0000
Serial        : 0000000000000000
root@imx6i:~/cryptotest# openssl enc -p -aes-256-ctr -salt -in hellotr -out index_php.enc -pass pass:123
salt=E9A63DB2FC96558C
key=62EB89A58BF771D49B30A420FF35BEA1A03D73D60444E25BB19FC40CD429B970
iv =DE1A163E5B6E00C7C683DA01AC9FB48A
root@imx6i:~/cryptotest# ls
hellotr        index_php.enc
root@imx6i:~/cryptotest# openssl enc -d -p -aes-256-ctr -in index_php.enc -out index_php.dec -pass pass:123
salt=E9A63DB2FC96558C
key=62EB89A58BF771D49B30A420FF35BEA1A03D73D60444E25BB19FC40CD429B970
iv =DE1A163E5B6E00C7C683DA01AC9FB48A
# openssl engine
(cryptodev) BSD cryptodev engine
(dynamic) Dynamic engine loading support

0 Rahul Prabhu over 9 years ago in reply to Alyautdin Roman

TI__Guru** 114410 points

Can you please confirm the version of OpenSSL used on the iMX6 platform is the same as the OpenSSL version included in TI SDK. The version included in TI SDK is OpenSSL 1.0.1j. For apples to apples comparison it may be useful for us to use the same version of the open source software. Also, what tool chain did you use to compile the software.

Regards,
Rahul

0 Alyautdin Roman over 9 years ago in reply to Rahul Prabhu

Intellectual 345 points

For testing I used Yocto 1.7 with openssl OpenSSL 1.0.2 22 Jan 2015,
the kernel was built with Ubuntu/Linaro 4.6.3-1ubuntu5 crosscompiler and the userland was built with Yocto toolchain.
The openssl versions differ but if we assume that TI SDK contains buggy old version I think you can simply check this building arago rootfs with the new one.
To forward the issue to cryptodev community it should be reproduced somewhere else. Currently I can't.

BR,
Roman

0 Rahul Prabhu over 9 years ago in reply to Alyautdin Roman

TI__Guru** 114410 points

Hi Roman,

I did some more experimentation with the OpenSSL AES-CTR mode and do think that the issue that you are seeing has something to do with the file size and the OpenSSL padding data that causes this issue in OpenSSL. Since I earlier suspected an issue with version of OpenSSL, I upgraded my build to OpenSSL 1.0.1l which released at the same time as OpenSSL1.0.2 (Jan 2015). We don`t have an recipe for OpenSSL 1.0.2.

root@am335x-evm:/opt# dd if=/dev/urandom of=random.txt bs=1k count=10

10+0 records in

10+0 records out

root@am335x-evm:/opt# ls -al

drwxr-sr-x 2 root root 4096 Feb 11 15:49 .

drwxr-sr-x 20 root root 4096 Feb 11 15:09 ..

-rw-r--r-- 1 root root 10240 Feb 11 15:49 random.txt

root@am335x-evm:/opt# openssl enc -p -aes-256-ctr -salt -in random.txt -out random.enc -pass pass:123 -nopad

salt=01AA8E5138EEC809

key=EDC43DA0F8D04E36987D95A57591B5E72B3D782D5DFA3140FE62D0664C6EFF5A

iv =6CC8E8C565DA5249EE6E694BED78E9CF

root@am335x-evm:/opt# openssl enc -d -p -aes-256-ctr -in random.enc -out random.dec -pass pass:123 -nopad

salt=01AA8E5138EEC809

key=EDC43DA0F8D04E36987D95A57591B5E72B3D782D5DFA3140FE62D0664C6EFF5A

iv =6CC8E8C565DA5249EE6E694BED78E9CF

root@am335x-evm:/opt# diff random.txt random.dec

root@am335x-evm:/opt# openssl enc -p -aes-256-ctr -salt -in /usr/share/matrix-gui-2.0/index.php -out indec_php.enc -pass pass:123 -nopad

salt=79F7CF7D8507A7FF

key=C1E4E6513DD7B890E257AB20BCB3120C2652345B76B6A6DABE43092CFA5836D8

iv =5919C6C3CEEF4260BB3EEC587BCBFDAE

bad decrypt <---- I believe this error occurs since size of file index.php is not a multiple of 16

3070040112:error:0607F08A:digital envelope routines:EVP_EncryptFinal_ex:data not multiple of block length:evp_enc.c:414:

root@am335x-evm:/opt# cp /usr/share/matrix-gui-2.0/index.php .

root@am335x-evm:/opt# ls -al

drwxr-sr-x 2 root root 4096 Feb 11 16:04 .

drwxr-sr-x 20 root root 4096 Feb 11 15:09 ..

-rwxr-xr-x 1 root root 5982 Feb 11 16:04 index.php

-rw-r--r-- 1 root root 10240 Feb 11 16:02 random.dec

-rw-r--r-- 1 root root 10256 Feb 11 16:01 random.enc

-rw-r--r-- 1 root root 10240 Feb 11 16:00 random.txt

root@am335x-evm:/opt# dd if=index.php bs=1k count=6 of=index_pad conv=sync (Pads the file to a multiple of 256 which I initially suspected)

root@am335x-evm:/opt# openssl enc -p -aes-256-ctr -salt -in index_pad -out index_pad.enc -pass pass:123 -nopad
salt=68CD5A952FC24A80
key=74B36F857D528DF5A55115BFA6507B265DB98BFAA091C07FD9952AD0B757D1EA
iv =77C339F824CF874A2BF6880A14779148
root@am335x-evm:/opt# openssl enc -d -p -aes-256-ctr -in index_pad.enc -out index_pad.dec -pass pass:123 -nopad
salt=68CD5A952FC24A80
key=74B36F857D528DF5A55115BFA6507B265DB98BFAA091C07FD9952AD0B757D1EA
iv =77C339F824CF874A2BF6880A14779148
root@am335x-evm:/opt# diff index_pad index_pad.dec

The same also worked when I padded the input file to make its size multiple of 16. (dd if=index.php bs=16 count=374 of=index_pad_16 conv=sync)

From what I have seen, it appears the AES-CTR is computed correctly when the input file size is multiple of 16 and no standard padding is done so if you wish we you could as a work around pad the file to multiple of 16 and then use -nopad option. Can you also let me know the size of the file you were using on imx6 when you performed your experiments.

Regards,

Rahul

0 Rahul Prabhu over 9 years ago in reply to Rahul Prabhu

TI__Guru** 114410 points

The issue with TI SHAM driver that was reported with 3.14.26 kernel and OpenSSL has now been resolved in the latest TI Linux 3.14 build. You can download the latest 3.14 tag 3.14.39 -5c43c53 tag from git.ti.com.

Note: this doesn`t resolve the issue with AES256-CTR that was reported here.

0 Alyautdin Roman over 9 years ago in reply to Rahul Prabhu

Intellectual 345 points

Hi Rahul,

   Your results inspired me to try freescale rootfs with the TI kernel and modules.
   Using it I am not able to reproduce the issue. So the bug should be either inside openssl 1.0.1
    implementation or toolchain building the openssl. Anyway openssl 1.0.2 with yocto toolchain is ok.

bash-4.3# ls -al /bin/bash
-rwxr-xr-x    1 root     root        863428 Mar 26 2015 /bin/bash
ash-4.3# openssl enc -p -aes-256-ctr -salt -in ./bash -out bash.enc -pass pass:123
salt=2A7E751980F53F0A
key=FB3CE73CDC8272BA79AF6405024E336D2FBCFE5C5B8B8806313E4685228E81CE
iv =1A3ED85BEB474B587CFD4B166B1C8DDF
bash-4.3# openssl enc -d -p -aes-256-ctr -in bash.enc -out bash.dec -pass pass:123
salt=2A7E751980F53F0A
key=FB3CE73CDC8272BA79AF6405024E336D2FBCFE5C5B8B8806313E4685228E81CE
iv =1A3ED85BEB474B587CFD4B166B1C8DDF
bash-4.3# diff bash.dec ./bash
bash-4.3# openssl version -f
compiler: arm-poky-linux-gnueabi-gcc -march=armv7-a -mfloat-abi=hard -mfpu=neon -mtune=cortex-a9 --sysroot=/home/cge/imx6/build-master+qt5.3.2+X11/tmp/sysroots/ -I. -I.. -I../include -fPIC -DOPENSSL_PIC -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DL_ENDIAN    -DTERMIO -O2 -pipe -g -feliminate-unused-debug-types -Wall -Wa,--noexecstack -DHAVE_CRYPTODEV -DUSE_CRYPTODEV_DIGESTS -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DBSAES_ASM -DGHASH_ASM
bash-4.3# openssl engine
(cryptodev) BSD cryptodev engine
(dynamic) Dynamic engine loading support

   So your userland engineers should consider 1.0.2 to be default for the SDK. Thanks very much for help.
   As the result of our joint efforts we have the bug fixed and proper workaround found.
   I suggest to consider the issue as resolved.

   To sum up:
   - new fix-patch for sham driver should be used (alredy in TI git repo)
   - openssl 1.0.2 doesn't face reported aes-ctr issue if is built with yocto toolchain

Thanks,
Roman

Processors

Processors forum

AM335x SDK crypto example issue

TI SDK version

Hardware

Summary

Details

Booting image preparation

Issue reproduction sequence